Meta

Category: Technology

A while ago I wrote a post about the experience I had setting up LLDP on Cisco switches with ShoreTel phones. Since then I have learned a trick or two and though I’d give a little update.

In the post I mentioned changing the configuration files for the phones on the ShoreTel server in order to correctly set the language and country, thus making the dial tone etc sound correct to end users. Unfortunately, this approach is broken. While it works to start with, we found that ShoreTel overwrites the configuration files periodically and removes the custom settings enter, which is a pain un the UK when the default country for ShoreTel is USA.

To get around this, there are some other configuration files which I was made aware of by our ShoreTel partner. Fortunately though ShoreTel provide some custom configuration files for each phone which are included in the main configuration file. The table below shows which custom configuration file you need for each model of phone.

So within the c:\inetpub\ftproot\sevgcustom.txt file for the IP 230g phones we use, all we have to do is add the following to the file.

# Please consult Shoreline support before editing or deleting this file

Include “Country_7.txt”
Include “Language_4.txt”

And done. If you reboot a phone, you will see it downloads the sevgcustom.txt file from the server and the language and country settings are all correct.

Don’t forget to change the configuration files for any other model phones you have!

A little over a year ago I was excited to receive my new tado smart thermostat. When it dropped on the doorstep I couldn’t wait to get it installed and it was actually up and running in less than half an hour before I had to go to work. The instructions provided were tailored to my setup based on the boiler and existing thermostat and were easy to follow, although an “expert” mode would have been nice as I’m familiar with central heating wiring to start with. The included extras were a big plus though, including everythin one might need for the installation.

Configuration of schedules isn’t as simple as I had imagined it would be. Having to add new sections which tweaked the sections either side of them, which made the process quite tedeous. The only real positive was the fact you only need to spend the time once when first setting up the tado.

Location based control using the family’s phones worked suprisingly well and was pretty accurate. Not having to worry about turning the heating off before leaving the house was very convenient and having the house warm when we returned improves the whole coming home in the dark after work depression. It also worked well for when the kids return from school before me and the wife, not having to worry about teaching the kids how the heating system works was great.

The thermostat itself is pretty vanilla looking which I suppose makes its integration into your room decor pretty pain free. Unfortunately though, the thermostat isn’t particularly user friendly or responsive. I seemed to find myself standing in front of the thermostat far longer than I used to with the old thermostat, just to turn the temperature up a degree or two.

Unfortunately the experience continued to decline from there. Tado promised apple HomeKit integration “soon” which was one of the selling points for me personally. There was also talk of an Apple Watch app too, which could have been excused if HomeKit integration was available. After a year of “2nd quarter” then “third quarter” and so on as a release date though I pretty much gave up on HomeKit integration. Then I received an email claiming it would be available within a month and to contact support to arrange a replacement tado bridge to enable it. Then the release was delayed again. Then again. I wish I was exaggerating. It’s even more insulting that they have managed to release radiator valves in the same time frame.

Then came the fabled savings touted on tado’s website. According to their website a house the same age and same size as mine should see over €1,000 saving. I knew this was far fetched, but I wasn’t prepared to see the actual savings I made on gas over the period of 12months. £33. Again, I wish I was exaggerating but unfortunately not. This means my tado cost me £110 in the first year. Nothing like what was implied on tado’s website.

Last week I received an email from tado reminding me that my next annual subscription was due, which is upwards of £100. After contacting tado to voice my concerns and receiving no reply other than automated “we’re sorry it’s taking so long” messages I was fed up with tado’s customer service. I then emailed them again to tell them to cancel my subscription and send a box to return my tado. I’m yet to receive a response three weeks later.

While I like the idea of smart thermostats and understand the concept of energy efficiency using technology, tado isn’t a product I would endorse. Don’t get me wrong, it has worked reliably since the day I got it, but the lies, broken promises and lack of customer service to back their technology leaves me disappointed at best. Since central heating is imperative to the comfort and health of my family, tado is now back in it’s box waiting to be collected and there is a nest on my wall in it’s place. At the end of the day, the nest was only £30 more to buy outright than the next annual tado subscription, so it was a no brainier really. Plus it looks way cooler. And it’s easier to use. And the schedule is far superior.

A few years ago the courts in the UK Ordered that UK block access to the popular torrent site; The Pirate Bay. Fair enough. But was that a wise desicion, or one made by dinosaurs that don’t understand the current digital landscape?

Torrent sites like The Pirate Bay have been an effective distribution vector for malware for years. Non-savvy consumers often Google “(latest movies here) free download” and end up at a site such as TPB to download the latest flick. Unfortunately deviants (pronounced Dick Heads) took notice of this and started seeding infected wares to build their botnets or extort money out of unassuming folk using encryption to lock their baby pictures and cat videos.

So blockin access to TPB was a good thing, right? I don’t think it was.

Now when people try to obtain illegitimate copies of software, movies, music etc, they end up at smaller torrent sites, a lot of which are funded by the same deviants that used to target consumers through TPB.

For slightly more savvy users, TPB is still accessible by googling “TPB proxy” and choosing one of the many proxies available for free. The problem with these proxies is that they too are riddled with malware nasties trying to take advantage of people looking to save a few quid.

So, with Sony’s PlayStation Network sustaining massive DDoS attackes on a regular basis, I can’t help but think that the majority of the infected nodes in the botnet are probably as the result of consumers trying to circumvent the UK TPB block and ending up on a less reputable website. I bet Sony didn’t consider that when they approached the courts to ban TPB.

This is all speculation of course. I’d bet my last dollar on it being at least partially accurate though.

I don’t usually like “trendy” companies. I’m not averse to modern upbeat companies in the slightest, it’s more their marketing strategies that I sometimes find obnoxious.

Monzo (Formerly Mondo) is a different kettle of fish though, if you can see past all the emote’s in every single communication released by the company. For anybody that doesn’t know who Monzo are, they are a new banking startup here in the UK looking to revolutionise the was people do banking. You can find more information at their website if you are interested, but I’m going to go through my favourite bits right here.

At the moment Monzo only offer a pre-paid MasterCard that can be topped up via the companion app on my smart phone. This is a reasonable stop-gap until they obtain their full banking license and are allowed to offer current accounts as it gives users an opportunity to explore their app and some of the features they think will change the payment card industry. It also allows them to gather feedback from the community about what they want from a bank.

Instant Transaction View

First of all, within seconds of me making a payment using my Monzo card, the transaction appears in the app. The payment also includes details of where the transaction was made on a map and gives statistics on how much has been spent in total with the retailer. In comparison, my current account with another leading UK bank doesn’t show me debit card transactions in their app for 5 days. They are quick enough to deduct it from my available balance though.

Notifications

The Monzo app sends me notifications for every transaction made using my Monzo card, wether it was in store or online. It event tells me if a transaction was declined for whatever reason, which helps to keep other accounts in order. Notifications seem to be pretty instant too, which is good.

International Usage

Using my card when I travel abroad is great. Instead of my bank charging me a percentage of all transactions plus extra charges for cash in a different currency, Monzo charge me nothing. Not only that, you get a favourable exchange rate as well. In fact, I withdrew €200 while in Amsterdam and I was told the exchange rate instantly. By the time the funds cleared though the exchange rate had fallen, so Monzo gave me the better rate without me even knowing about it. You can’t argue with that sort of service.

Card Freezing

The app allows me to instantly freeze my own card whenever I like. Wether I’ve lost my wallet or simply don’t want somebody skimming the contactless chip in my pocket. This is a very handy feature. I can also defrost my card in the same way when I want to use it.

PIN Reminders

If you’re anything like me, you’ve probably forgotten your PIN for at least one card in your lifetime. Usually that involves calling the bank, waiting on hold for 45 minutes, answering your security questions which you have probably forgotten, and then waiting 5 days for a new pin to drop on your door map. It’s just not that tricky in the Monzo app. Simple login, Go to your card settings and click PIN. After presenting my fingerprint to prove it is me, my PIN is shown on-screen. I’d say biometric authentication is more secure than a peice of paper handled by hundreds of hands to get to me any day.

Magstrip Security

Everybody knows the magstrip is the least secure part of a payment card. That’s why it’s disabled by default on Monzo cards. Due to issues with international travellers not being able to use magsrtip only ATMs however, Monzo have added a cool feature in the app to enable the magstrip for 24 hours. Now that an ingenious solution to an outdated technology flaw that won’t go away because of the unwillingness of ATM owners to update their ATMs.

Location Based Security

Another cool feature to help protect users is Location Based Security, Which would help if your card was cloned. Basically, whenever a transaction is made with the card present, Monzo use the location of your smart phone to determine if it was made by you or not.

Conclusion

I think Monzo will do well in the current banking landscape. It’s about time a bank came along that didn’t rely on ancient mainframes, batch processing payments and taking days to clear funds. It’s 2017 and that just isn’t acceptable any more. I noticed some of the big banks claim to not be worried about Monzo. I’m sure Research in Motion said something similar when Steve Jobs announced the first iPhone, and look where it got them.

Personally I can’t wait for them to launch their current accounts so I can lose my legacy banks and start banking in a smarter manner. Let’s just hope they keep to their promises of reasonable charges and fair practices.

Recently I was tasked with setting up Dial-in conferencing in Skype for Business using a Shoretel voip system and the PSTN Gateway. Seems simple, until you do some digging and find out that Shoretel 14 doesn’t support SIP over TCP, and S4B doesn’t support SIP over UDP.

I looked at the recommended option from Shoretel, which is a Mediant Session Border Controller to proxy between the two voip systems. I’m sure that would work fine if money was no object, but when the budget for the project is minimal, another option is required. The option I settled on was an open source PBX platform in the form of FreePBX, which is essentially a gui for Asterisk.

After a lot of research, posts with missing information and trial and error I finally got the solution working by following multiple guides for various products connecting to other products until I finally found a configuration that worked. The solution has been in place for roughly a month now and seen a reasonable amount of load while remaining stable. We haven’t had any call quality issues over PSTN either.

I should point out here though that this particular installation wasn’t configured to support enterprise voice and user extensions would still remain in Shoretel. If User Extensions on Skype is your end game, then maybe this solution isn’t for you. Feel free to follow along though.

Disclaimer: Some of the configuration detailed in this post is quite advanced and shouldn’t be attempted on a live system unless you are confident you know what you are doing. I am not responsible for any damage you cause to your own systems. The settings in this post are the settings used in our setup and work for us. The settings required for your setup may differ.

The version numbers of the components used are as follows.

Shoretel – 19.42.8801.0

FreePBX – 12.0.76.4

Skype For Business – 6.0.9319.0

FreePBX Installation

To start with I followed a guide on PowerPBX to get Asterisk installed on Ubuntu Server. I’d recommend doing the same if you don’t already have a FreePBX installation or are as new to FreePBX as I am. Some of the settings later in this post may conflict with settings currently in use if you already have a FreePBX installation that you intend to use.

Shoretel Trunk Setup

Next you need to make sure your Shoretel system is ready to use SIP trunks. This involves allocating switch ports for SIP trunks. To do this, you need to do the following:

Open up Shoreware Director.

Navigate to Platform Hardware > Voice switches > Primary.

Click the name of the switch you want to allocate the SIP Trunks on.

Change one (or more) of the ports to 5 SIP Trunks.

Click Save.

Next you need to configure a Trunk Group on the Shoretel system. To do this you need to navigate to Trunks > Trunk Groups. Select the site that contains your switch with the SIP trunk port(s) configured and select SIP from the Type drop down before clicking Go.

I’ll list the settings used by our setup below. You may need to tweak these for your own deployment.

Name – Skype for Business.

Enable SIP Info for G.711 DTMF Signalling – Unchecked.

Profile – Default Tie Trunk.

Digest Authentication – {None}.

Username – siptrunkusername (Not my actual username).

Password – siptrunkpassword (Not my actual password).

Number of Digits from CO – 4.

DNIS – Unchecked.

DID – Unchecked.

Extension – Checked

Translation Table – Checked []

Prepend Dial In Prefix – Unchecked

Use Site Extension Prefix – Unchecked

Tandem Trunking – Checked

User Group – Skype (This is a custom user group we created to force outbound calls through a certain ISDN trunk group. If you need to change this from the default you will probably know how to create a new user group anyway.)

Prepend Dial In Prefix – 9

Destination – 1700: Default.

Outbound – Checked.

Access Code – 9.

Local Area Code – 1670 (Yours will be different).

Carrier Code – Blank.

Billing Telephone Number – Blank.

Trunk Services Section

Local – Unchecked

Long Distance – Unchecked

National Mobile – Unchecked

International – Unchecked

Enable Origin Called Information – Unchecked

Caller ID not blocked by default – Checked

Enable Caller ID – Checked [Blank]

Emergency – Unchecked

Trunk Digit Manipulation Section

Dial Local Numbers in National Form – Unchecked

Dial in E.164 Format – Checked

Prepend Dial Out Prefix – Blank

Off System Extensions – Click Edit

Click New

Enter an extension range to be used by Skype. We used a range of 50 extensions to allow for future expansion, one will do usually though. Make sure the range of extensions are not in use else where on your system. They don’t need to have a DDI on a different trunk as we will be using a DNIS map later to route a DDI to the off system extension. We used 8500-8550

Click OK

Translation Table – {None}

Click Save.

Next you will need some individual trunks within the trunk group:

Navigate to Trunks > Individual Trunks.

Select the same site as the Trunk Group you have just created, and then select the Trunk Group from the drop down menu, followed by Go.

Enter a Name for the trunks. Shoretel will increment the name with numbers if there is more than one individual trunk.

Select the switch to use for the SIP trunks. This will be the switch you configured earlier.

Enter the number of individual trunks you want in the group. A trunk is required for each phone call or participant of a conference. Don’t exceed your licensed amount of SIP Trunks unless you know how the licensing on Shoretel works..

Enter the IP address of your Free PBX server.

Click Save.

FreePBX System SIP Configuration

Now for the FreePBX configuration. Providing you followed the guide mentioned earlier, and didn’t have any problems, you should have a working FreePBX server installed and running. You will need to tweak some of the system SIP settings to make this solution work.

Login to FreePBX Administration.

Navigate to Settings > Advanced Settings.

Scroll down to the Dialplan and Operations section.

Set SIP Channel Driver to chan_sip.

Navigate to Settings > Asterisk SIP Settings.

Set Allow Anonymous Inbound SIP Calls to Yes.

Enter your internal networks. For Example 192.168.1.0 / 24.

Click Submit (bottom) followed by Apply Config.

Click Chan SIP at the top right of the page.

Set NAT to no.

Set IP Configuration to Static IP.

Set Override External IP to the IP address of your FreePBX server.

Scroll down to Other SIP Settings and click Add Field once. In the two sets of fields add the following:

tcpenable = yes

tlsenable = yes

Click Submit Changes followed by Apply Config.

Reboot the FreePBX server.

FreePBX Trunk Configuration (Shoretel)

Once the server has rebooted ensure you can log back in to FreePBX and that you have no errors displayed on the home page. If everything is OK, then it is time to create the Trunks on the FreePBX end.

Navigate to Connectivity > Trunks.

Click Add SIP (chan_sip) Trunk.

Enter a name for the Trunk. Ours is simply Shoretel.

Set Maximum Channel to the number of individual trunks you created in Shoretel earlier.

In the top Dialed Number Manipulation Rules row add a dot (.) in the match pattern field.

In the Outgoing Settings section specify the Trunk Name Again.

In the PEER Details section you need to add the following information, substituting anything in () for your details setup earlier. I’d recommend pasting the text into notepad to edit it.

Now, hopefully, if you navigate back to Reports > System Status you should see the graph line for Trunk Reg has increased to 1 from 0.

FreePBX Trunk Configuration (Skype)

Next you need to create the trunk in FreePBX that connect to Skype for Business. The steps are similar to the steps for the Shoretel trunk with a few tweaked settings.

Navigate to Connectivity > Trunks.

Click Add SIP (chan_sip) Trunk.

Enter a name for the Trunk. Ours is simply Skype.

In the top Dialed Number Manipulation Rules row add a pattern that matches your Off-System Extension range added in Shoretel earlier in the match pattern field. Ours is set to 85XX which will match any four digit extension starting with 85.

In the Outgoing Settings section specify the Trunk Name Again.

In the PEER Details section you need to add the following information, substituting anything in () for your details setup earlier. I’d recommend pasting the text into notepad to edit it.

Skype PSTN Gateway Configuration

Now you will need to make a topology change to your Skype for Business installation. You probably have some form of change control in place for these kind of changes so go and grab the required signatures and head back here.

Open up Skype Topology Builder and load your current topology ready to edit it. I won’t go into detail on how to do this here as any Skype Admin should know how to do it. Once open, you need to tweak the settings of your Mediation Pool in order to support this type of configuration. Heres how:

Expand Skype For Business > Site Name > Skype for Business Server 2015 > Mediation Pools.

Right-Click the mediation pool you want to use and click Edit Properties.

Ensure Enable TCP Port is Checked.

Set TLS: to 5067 – 5067.

Set TCP: to 5060 – 5060.

Click OK.

Next you need to add the PSTN Gateway to your Skype topology. Follow the steps below to add the PSTN Gateway:

Expand Skype For Business > Site Name > Shared Components and select PSTN Gateways.

Right-Click the Container and select New IP/PSTN Gateway.

For FQDN enter the IP address of your FreePBX server, then click Next.

Click Next unless you need to change any settings for your environment.

Set Trunk Name to FreePBX.

Set Listening Port to 5067.

Set SIP Transport Protocol to TLS.

Select the Skype pool you want to associate as the Mediate Server.

Set Associated Mediation Server Port to 5067.

Click Finish.

Next it’s time to create a trunk in Skype:

Expand Skype For Business > Site Name > Shared Components and select Trunks.

Right-Click the Container and select New Trunk.

Enter a Trunk Name.

Select your PSTN Gateway from the drop down menu.

Set Listening port for IP/PSTN gateway to 5061.

Set SIP Transport Protocol to TCP.

Select your Associated Mediation Server to the pool you want to use.

Set Associated Mediation Server port to 5060.

click OK.

Now you need to publish your topology in order to make the changes. I’ll leave that part up to you again incase you cause undesirable downtime or break something.

In theory, your trunks should come up shortly after the topology is published. You can check this from the home page of the FreePBX administration portal by checking the graph line for Trunk Rag has increased from 1 to 2.

Coffee Break

You’re probably getting bored with this post by now so I’d recommend a nice strong cup of coffee. I know I’m heading to grab one now while I’m typing it! I might even watch an episode of The Grand Tour while I drink it…

Skype Configuration

For the next part of the configuration you will need access to the Skype For Business Admin portal. Specifically the Voice Routing and Conferencing sections.

All of the steps in this section were performed on a Skype installation with no previous voice configuration. If your system already uses voice features I’d recommend leaving this bit to somebody that knows what they are doing if you don’t already.

First of all you need to create a Voice Policy:

Navigate to Voice Routing > Voice Policy.

Double click Global.

Check all check boxes in the Calling Features section.

Under Associated PSTN Usages section click New.

Set Name to Shoretel and click OK.

Set Call forwarding and simultaneous ringing PSTN usages to Route using the call PSTN Usages.

Click OK.

Next comes a Route. Navigate to Voice Routing > Route. If you already have routes listed then I suggest you stop following this post and consult the person responsible for voice routing in Skype if you don’t understand how it works. If you don’t have any routes, go ahead and follow these steps:

Click New.

Type a Name of your choice. We chose Shoretel.

Type .* (DotAsterisk) into the Match this pattern field.

In the Associated trunks section click Add…

In the Associated PSTN Usages section click Select…

Click Shoretel Followed by OK.

Click OK.

Click Commit > Commit All.

Now comes some Trunk Configuration:

Navigate to Voice Routing > Trunk Configuration.

Double click Global.

Ensure Encryption support level is set to Optional.

In the Associated PSTN Usages section click select…

Click Shoretel and click OK.

Click OK.

Click Commit > Commit all.

Time for the Dial Plan:

Navigate to Voice Routing > Dial Plan.

Double click Global.

Specify a Dial-In Conferencing Region. We chose UK since that is where we are.

Chose an External access prefix if you desire. We went with 9.

In the Associated Normalization Rules section click new.

Specify a Name of your choice.

In the Build a Normalization Rule section input the following settings (you will need to click the edit button to modify the final two settings)

Starting digits – Blank

Length – At least 1

Digits to remove – 0

Digits to add – Blank

Pattern to match – ^(\d+)$

Translation Rule – $1

Uncheck Internal extension.

Click OK.

Remove any other normalization rules.

Click OK.

Now click Commit > Commit all.

Skype Dial-In Access Number

While you are still in Skype you may as well configure the dial-in conferencing number. It won’t work yet but by doing so you will at least get some audible feedback to use to test your configuration while you complete the FreePBX and Shoretel routing later.

Navigate to Conferencing > Dial-In Access Number.

Click New.

Enter the Display number as a the DDI you plan to use for your dial-in conferencing number for external parties. e.g. +441618444444.

Add a Display name of your choice.

in Line URI add tel:#### to represent the extension you want to use. In our case it reads tel:8500.

In SIP URI add the sip address you want to assign. we went with sip:conferencing @ sipdomain.com.

Select your Pool.

Select the Primary Language for this particular number.

In the Associated Regions section click Add…

Select the region created in the dial plan and click OK.

Click Commit.

Don’t forget your users will need to be allowed to use Dial-In conferencing in the conferencing policy applied to them.

FreePBX Routes

Now you need to head on over to the FreePBX admin portal again to create some routes. This is another part that caused a lot of confusion when I was initially trying to get this to work thanks to some other guides not being accurate. Again the settings here may differ slightly depending on your setup.

The easiest way I found to route all calls through the Shoretel trunk unless they were specifically for an extension I knew existed in Skype. First of all I created the Incoming route to catch the calls for Skype.

Navigate to Connectivity > Inbound Routes.

Click Add Incoming Route in the top right of the page.

Populate the settings below. Any I miss assume they are left as default:

Description – ShortelIn8500

DID Number – 8500

Set Destination – [Trunks][Skype (sip)]

Click Submit.

Then I created an Incoming Route for anything else:

Navigate to Connectivity > Inbound Routes.

Click Add Incoming Route in the top right of the page.

Populate the settings below. Any I miss assume they are left as default:

Description – SkypeIn

Set Destination – [Trunks][Shoretel (sip)]

Click Submit and then Apply Config.

Testing

Now in theory internal users should now be able to dial the extension assigned to Skype PSTN Conferencing and hear the auto attendant saying “Welcome to the audio conferencing center.”

You should also be able to start a Skype Meeting using the meet now feature in Skype and add a recipient by typing in their extension or telephone number and hitting enter.

Assigning a DDI

Since Shoretel allows you to add other internal people to a call anyway this solution won’t be much use unless you map a DDI to the extension setup for Skype. I did this using a DNIS mapping on the ISDN trunk that the DDI belongs to. To do this follow these steps:

Login to Shoreware Director.

Navigate to Trunks > Trunk Groups.

Select the trunk group that carries the DDI you wish to use. This was one of our ISDN groups.

Click Edit DNIS Map.

In the Received Digits field, enter the DDI in local format, ie excluding the country code and area code.

In the next field add a name for the map. We went with Skype conferencing.

Next select the Off System radio button and select the range you created in your SIP Trunk Group Extensions earlier.

In the next field type the extension number used by Skype. 8500 in our case.

Leave the Music on Hold as default.

Click Add this record to the left of the row you have just filled in.

Click Save.

click Save again.

At this point you should be able to dial the DDI you have just configured from a mobile phone and hear the same audio prompt from the Skype auto attendant.

Conclusion

No doubt this post was a little tedious to follow. Unfortunately there isn’t a technique I’m aware of to make SIP an interesting subject. I do hope it might have helped somebody though at the end of the day. Or prevented any premature hair loss.